Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 29, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
234411	6.8	警告	VideoLAN	-	VLC における整数オーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2008-1768	2012-12-20 18:52	2008-04-13	Show	GitHub Exploit DB Packet Storm

234412	10	危険	phpBB	-	phpBB における脆弱性	CWE-noinfo 情報不足	CVE-2008-1766	2012-12-20 18:52	2008-04-12	Show	GitHub Exploit DB Packet Storm

234413	4.9	警告	サン・マイクロシステムズ	-	Sun N1 Grid Engine の Qmaster デーモンにおけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	CVE-2008-1756	2012-12-20 18:52	2008-04-9	Show	GitHub Exploit DB Packet Storm

234414	5	警告	zekewalker	-	World of Phaos の showSource.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-1755	2012-12-20 18:52	2008-04-11	Show	GitHub Exploit DB Packet Storm

234415	1.7	注意	シマンテック	-	Symantec Altiris Deployment Solution における重要な情報を取得される脆弱性	CWE-310 暗号の問題	CVE-2008-1754	2012-12-20 18:52	2008-04-10	Show	GitHub Exploit DB Packet Storm

234416	2.1	注意	Beijing Rising International Software	-	Rising Antivirus 2008 におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2008-1738	2012-12-20 18:52	2008-04-29	Show	GitHub Exploit DB Packet Storm

234417	6.9	警告	ソフォス	-	Sophos Anti-Virus におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2008-1737	2012-12-20 18:52	2008-04-29	Show	GitHub Exploit DB Packet Storm

234418	7.5	危険	pragmaticutopia	-	Joomla! 用の com_puarcade コンポーネントにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-1733	2012-12-20 18:52	2008-04-11	Show	GitHub Exploit DB Packet Storm

234419	7.5	危険	predictionfootball	-	Prediction Football の showpredictionsformatch.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-1732	2012-12-20 18:52	2008-04-11	Show	GitHub Exploit DB Packet Storm

234420	9.3	危険	tumbleweed	-	Tumbleweed SecureTransport Server の vcst_en.dll におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2008-1724	2012-12-20 18:52	2008-04-11	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 30, 2026, 4:22 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
381	7.5	HIGH Network	-	-	In the Linux kernel, the following vulnerability has been resolved: fs/fcntl: fix SOFTIRQ-unsafe lock order in fasync signaling A SOFTIRQ-safe to SOFTIRQ-unsafe lock order deadlock can occur in sen… Update	-	CVE-2026-52946	2026-06-29 15:16	2026-06-25	Show	GitHub Exploit DB Packet Storm

382	6.3	MEDIUM Network	joomlaworks	k2	The K2 frontend article-attachment upload path accepts files whose extension is `.php`, and Apache's standard mod_php matches `\.php$` and executes them under the K2 web user. A K2 Author can upload … Update	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2026-48946	2026-06-29 04:16	2026-06-26	Show	GitHub Exploit DB Packet Storm

383	5.3	MEDIUM Network	joomlaworks	k2	The K2 article gallery upload path accepts a zip/tar archive, extracts it under `/media/k2/galleries/<id>/`, and only renames image files (gif/jpg/jpeg/png/webp) to safe names — non-image files (incl… Update	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2026-48945	2026-06-29 04:16	2026-06-26	Show	GitHub Exploit DB Packet Storm

384	6.5	MEDIUM Network	joomlaworks	k2	The K2 frontend article-save handler accepts an `attachment[N][existing]` POST field that is concatenated with `JPATH_SITE/` and passed to `JFile::copy()`. `JPath::clean` does NOT strip `..`, and the… Update	CWE-22 Path Traversal	CVE-2026-48944	2026-06-29 04:16	2026-06-26	Show	GitHub Exploit DB Packet Storm

385	6.5	MEDIUM Network	joomlaworks	k2	K2 ≤ 2.24 contains a mass-assignment defect in the K2 system user plugin `plg_user_k2`. A Registered Joomla user, by including the field `K2UserForm=1` in a standard `com_users` `profile.save` POST, … Update	CWE-915 Improperly Controlled Modification of Dynamically-Determined Object Attributes	CVE-2026-48943	2026-06-29 04:16	2026-06-26	Show	GitHub Exploit DB Packet Storm

386	6.1	MEDIUM Network	joomlaworks	k2	K2 ≤ 2.26 renders the `#__k2_users.image` column directly into HTML `src` attributes via two distinct templates, in both cases without HTML escaping. Update	CWE-79 Cross-site Scripting	CVE-2026-48942	2026-06-29 04:16	2026-06-26	Show	GitHub Exploit DB Packet Storm

387	6.5	MEDIUM Network	joomlaworks	k2	The K2 frontend `item.checkin` task accepts an unauthenticated `sigProFolder` query parameter and uses it directly to address a `JFolder::delete()` call under `/media/k2/galleries/` Update	CWE-862 Missing Authorization	CVE-2026-48941	2026-06-29 04:16	2026-06-26	Show	GitHub Exploit DB Packet Storm

388	3.4	LOW Network	joomlaworks	k2	A Joomla user with K2 "create item" rights (Author tier by default) can submit an article whose `embedVideo` POST field contains a raw `<script>` tag; K2 stores it verbatim and renders it unescaped t… Update	CWE-79 Cross-site Scripting	CVE-2026-48940	2026-06-29 04:16	2026-06-26	Show	GitHub Exploit DB Packet Storm

389	8.8	HIGH Local	-	-	In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Clean up DMABUFs before disabling function On device shutdown, make vfio_pci_core_close_device() call vfio_pci_dma_buf_… New	-	CVE-2026-53322	2026-06-28 17:16	2026-06-27	Show	GitHub Exploit DB Packet Storm

390	9.8	CRITICAL Network	-	-	In the Linux kernel, the following vulnerability has been resolved: ocfs2/dlm: fix off-by-one in dlm_match_regions() region comparison The local-vs-remote region comparison loop uses '<=' instead o… New	-	CVE-2026-53309	2026-06-28 17:16	2026-06-27	Show	GitHub Exploit DB Packet Storm